Anyone know of a decent proxy server for Linux?

[MGMorden]

I'm looking for a proxy server type program (or something of the like) that I can use on a Linux box with two NIC's. One of the NIC's will be going to an ethernet jack, connect to a DHCP server and get net access, yadda, yadda. That's easy. I'm then setting up a firewall script on the machine. Next I need a way to share internet access to a hub that the second nic will be connected to. I want it to be as transparent as possible (I'm using Analog X's proxy on a windows machine right here and it sucks. just about the only thing that goes through is web and email). I want to be able to do telnet, ssh, gaming, ftp, etc. on this thing. Any suggestions? (I've looked on freshmeat but most of what I'm finding isn't quite up to the task. I'm still looking though). I'm planning on hooking up my pc, and all the broadband gameconsoles to this (PS2, Gamecube, maybe Xbox).

PS. Please don't recommend FreeSCO or LRP. I'll use those if I have to but right now I'd like to set up my own stuff. Running a webserver or gaming server is something I'm considering and the prepackaged stuff just doesn't customize well enough.

 

[n0cmonkey]

<< I'm looking for a proxy server type program (or something of the like) that I can use on a Linux box with two NIC's. One of the NIC's will be going to an ethernet jack, connect to a DHCP server and get net access, yadda, yadda. That's easy. I'm then setting up a firewall script on the machine. Next I need a way to share internet access to a hub that the second nic will be connected to. I want it to be as transparent as possible (I'm using Analog X's proxy on a windows machine right here and it sucks. just about the only thing that goes through is web and email). I want to be able to do telnet, ssh, gaming, ftp, etc. on this thing. Any suggestions? (I've looked on freshmeat but most of what I'm finding isn't quite up to the task. I'm still looking though). I'm planning on hooking up my pc, and all the broadband gameconsoles to this (PS2, Gamecube, maybe Xbox).

PS. Please don't recommend FreeSCO or LRP. I'll use those if I have to but right now I'd like to set up my own stuff. Running a webserver or gaming server is something I'm considering and the prepackaged stuff just doesn't customize well enough. >>



What is wrong with just using iptables and ipmasq? Why is proxying necessary?

 

[MGMorden]

I was going to use ipchains (or iptables. I can't remember which is in 2.4 kernels) for the firewall, but I didn't know that there was an access sharing facility included in that.

If that'll do what I want then there's nothing wrong with using that. I just don't know much about networking to set up that stuff (I had found a program called BIRD that looked prommising, but I'll look for some howto's on the ip masquerading).

 

[n0cmonkey]

<< I was going to use ipchains (or iptables. I can't remember which is in 2.4 kernels) for the firewall, but I didn't know that there was an access sharing facility included in that.

If that'll do what I want then there's nothing wrong with using that. I just don't know much about networking to set up that stuff (I had found a program called BIRD that looked prommising, but I'll look for some howto's on the ip masquerading). >>



ipmasq should do the NAT you are looking for. Proxying is a little harder and I dont know any proxies that handle more than www and email.

 

[bevancoleman]

I have seen a proxy that could do the above, but I wouldn't recomend using it in this context, a proxy is really only useful if it can proxy the data (hence why they generally only do http). Also a proxy will introduce lag into your comms, this could make games unplayable.

Apart from that it was a pain to setup (power comes at a price ).

While you don't wish to use FREESCO, it may be worth looking at it to see what packages it is using, this will give you an idea at what you are looking for (FREESCO dosn't use proxies). I personally use it, mainly because I can't be bothered spending ages setting up a full dist (though I have done so before).

 

[DaHitman]

<< I'm looking for a proxy server type program (or something of the like) that I can use on a Linux box with two NIC's. One of the NIC's will be going to an ethernet jack, connect to a DHCP server and get net access, yadda, yadda. That's easy. I'm then setting up a firewall script on the machine. Next I need a way to share internet access to a hub that the second nic will be connected to. I want it to be as transparent as possible (I'm using Analog X's proxy on a windows machine right here and it sucks. just about the only thing that goes through is web and email). I want to be able to do telnet, ssh, gaming, ftp, etc. on this thing. Any suggestions? (I've looked on freshmeat but most of what I'm finding isn't quite up to the task. I'm still looking though). I'm planning on hooking up my pc, and all the broadband gameconsoles to this (PS2, Gamecube, maybe Xbox).

PS. Please don't recommend FreeSCO or LRP. I'll use those if I have to but right now I'd like to set up my own stuff. Running a webserver or gaming server is something I'm considering and the prepackaged stuff just doesn't customize well enough. >>




http://www.e-smith.org its a pretty small version of Linux which includes just about everthing you would probably want to do, and its based on redhat so you could customize it if you wanted to add a gaming server later on etc..

Otherwise, just do what I do and run Redhat 7.1 and setup your own firwall, nat, dhcp, web, email etc.. actaully most of this is easy to do with redhat..its all pretty much installed just needs some configuring.

 

[Blundar]

use ipchains and RTFM.
squid is a good caching proxy
socks4 is a good connection transport proxy for things masq breaks. dante?

 

[n0cmonkey]

<< use ipchains and RTFM.
squid is a good caching proxy
socks4 is a good connection transport proxy for things masq breaks. dante? >>



iptables good, ipchains bad. socks 5 has been out there a while, is there any reason not to use it?

 

[StuckMojo]

i think by &quot;proxy&quot; you really mean NAT, no?

use iptables. ipchains is depricated.

 

[Zach]

<< i think by &quot;proxy&quot; you really mean NAT, no?

use iptables. ipchains is depricated. >>



No, they are different. NAT means you act like a router. Proxy means there is a program playing middle man. The main reasons to sue a proxy is caching, control, and logging. Good for schools, corperations, too many people on a small pipe.

 

[n0cmonkey]

<<

<< i think by &quot;proxy&quot; you really mean NAT, no?

use iptables. ipchains is depricated. >>



No, they are different. NAT means you act like a router. Proxy means there is a program playing middle man. The main reasons to sue a proxy is caching, control, and logging. Good for schools, corperations, too many people on a small pipe. >>



Schools in the US can get in trouble with proxies if they are not careful though.

 

[xaigi]

You dont need a proxy server. You can get full connectivity through ip masquerading. Everything becomes transparent.

See the IP masquerading DOC at linuxdoc.org

 

[Zach]

<< Schools in the US can get in trouble with proxies if they are not careful though. >>



How so? Privacy?

 

[n0cmonkey]

<<

<< Schools in the US can get in trouble with proxies if they are not careful though. >>



How so? Privacy? >>



Correct. I know this issue was mentioned quite a bit at a training confrence I attended recently. Makes me feel good to know they cant track me much if I ever go back to school...

 

[Zach]

Years ago, before I knew anyting, I helped my school. We ran MS Proxy, and used it's logs to monitor people. No privacy issues there, keeping people from jacking off in the labs. Seems odd to me that privacy is important on school computers. Public information access systems should only be used for what is publically veiwable/sppropriate.

But, that's a discussion for Off Topic.

 

[n0cmonkey]

<< Years ago, before I knew anyting, I helped my school. We ran MS Proxy, and used it's logs to monitor people. No privacy issues there, keeping people from jacking off in the labs. Seems odd to me that privacy is important on school computers. Public information access systems should only be used for what is publically veiwable/sppropriate.

But, that's a discussion for Off Topic. >>



Agreed it is offtopic. But if you are ona publicly accessible computer you should only be viewing decent things, its just more polite.